Bugtraq mailing list archives

Re: SSH-1.2.27 & RSAREF2 exploit

From: wakko () WTOWER COM (Wakko Ellington Warner-Warner III)
Date: Wed, 15 Dec 1999 04:50:08 -0500


On Tue, 14 Dec 1999, [iso-8859-1] IvÃ¡n Arce wrote:

Ok,  here is the exploit for SSH-1.2.27 compiled with RSAREF2.
It was tested against sshd running on Linux (Redhat 6.0) and OpenBSD
2.6,
from a Linux Redhat 6.0 box.

The exploit is more or less "script-kid-proof" since if it doesnt work a
bit of
debugging, coding and probably crypto skills are needed to make it work.


Why was the code even posted to the list if it's basically useless?  I
wanted to check out my own machine with a working exploit, and I'm sure
most of the people that read this list wanted to do the same.  Now we're
going to have to wait for someone to take the time to "fix" your code up
and repost it to the list in working form.  Posting broken code that
anything beyond a trivial amount of work won't fix is just a waste of
time.

- Alex Prestin

--

"Despite the fact that all of my information about drugs is either 
anecdotal or based on biased, often wildly inaccurate propaganda, I 
think I am completely qualified to label all those who use drugs as 
unworthy of the full-human status that I claim just for having a 
beating heart (pumping squeaky-clean blood, no less!)" - seen on /.
                      -  -  -  -36-  -  -  - 
        NIC: AP5514 http://bitey.net wakko () bitey net

Current thread:

UnixWare i2odialogd remote root exploit, (continued)
- - - UnixWare i2odialogd remote root exploit Brock Tellier (Dec 21)
    - IE 5.01 vulnerabilities in external.NavigateAndFind() Georgi Guninski (Dec 22)
    - Solaris 2.7 dmispd local/remote problems Brock Tellier (Dec 22)
    - Multiple vulnerabilites in glFtpD (current versions) suid (Dec 22)
    - Re: Multiple vulnerabilites in glFtpD (current versions) Per Lejontand (Dec 23)
    - Re: Multiple vulnerabilites in glFtpD (current versions) The Tree of Life (Dec 23)
    - Re-release of Microsoft Security Bulletin MS99-046 Microsoft Product Security (Dec 23)
    - BUG? Non-root user can configure traffic shaper (2.2.13) (fwd) Yuri Kuzmenko (Dec 24)
    - RealMedia Server 5.0 Crasher (rmscrash.c) bow (Dec 22)
    - Re: procmail / Sendmail - five bugs Casper Dik (Dec 23)
    - Re: SSH-1.2.27 & RSAREF2 exploit Wakko Ellington Warner-Warner III (Dec 15)
    - Recent postings about SCO UnixWare 7 Andrew Malcolm (Dec 15)
    - Re: SSH-1.2.27 & RSAREF2 exploit Iván Arce (Dec 15)
    - Oops, my apologies. Wakko Ellington Warner-Warner III (Dec 15)
    - IRCnet IRCD 2.0x Reboot Bug A Bloke (Dec 15)
    - Re: IRCnet IRCD 2.0x Reboot Bug Matus \ (Dec 15)
    - Re: SSH-1.2.27 & RSAREF2 exploit Speed (Dec 15)
  - Security Vulnerability in VVOS TGP Aleph One (Dec 14)
  - CERT Advisory CA-99.15 - Buffer Overflows in SSH Daemon and RSAREF2 Library Aleph One (Dec 14)